universal · August 29, 2015 14:19
diff --git a/error.rb b/error.rb
 Failures:

  1) UserSessionsController#create with correct credentials with device_id and device_type set someone else is logged in with the same devic
 e_id adds AddDeviceToken to the queue
     Failure/Error: expect{
       expected result to have changed by 1, but was changed by 0
     # ./spec/controllers/user_sessions_controller_spec.rb:91:in `block (6 levels) in <top (required)>'

 Finished in 1.45 seconds (files took 2.33 seconds to load)
 13 examples, 1 failure

 Failed examples:

 rspec ./spec/controllers/user_sessions_controller_spec.rb:86 # UserSessionsController#create with correct credentials with device_id and dev
 ice_type set someone else is logged in with the same device_id adds AddDeviceToken to the queue
diff --git a/rails_helper.rb b/rails_helper.rb
 # This file is copied to spec/ when you run 'rails generate rspec:install'
 ENV['RAILS_ENV'] ||= 'test'
 require 'spec_helper'
 require File.expand_path('../../config/environment', __FILE__)
 require 'rspec/rails'
 # Add additional requires below this line. Rails is not loaded until this point!

 # Requires supporting ruby files with custom matchers and macros, etc, in
 # spec/support/ and its subdirectories. Files matching `spec/**/*_spec.rb` are
 # run as spec files by default. This means that files in spec/support that end
 # in _spec.rb will both be required and run as specs, causing the specs to be
 # run twice. It is recommended that you do not name files matching this glob to
 # end with _spec.rb. You can configure this pattern with the --pattern
 # option on the command line or in ~/.rspec, .rspec or `.rspec-local`.
 #
 # The following line is provided for convenience purposes. It has the downside
 # of increasing the boot-up time by auto-requiring all files in the support
 # directory. Alternatively, in the individual `*_spec.rb` files, manually
 # require only the support files necessary.
 #
 # Dir[Rails.root.join('spec/support/**/*.rb')].each { |f| require f }

 # Checks for pending migrations before tests are run.
 # If you are not using ActiveRecord, you can remove this line.
 ActiveRecord::Migration.maintain_test_schema!

 RSpec.configure do |config|
  # Remove this line if you're not using ActiveRecord or ActiveRecord fixtures
  config.fixture_path = "#{::Rails.root}/spec/fixtures"

  # If you're not using ActiveRecord, or you'd prefer not to run each of your
  # examples within a transaction, remove the following line or assign false
  # instead of true.
  config.use_transactional_fixtures = true

  config.filter_run :focus => true

  # RSpec Rails can automatically mix in different behaviours to your tests
  # based on their file location, for example enabling you to call `get` and
  # `post` in specs under `spec/controllers`.
  #
  # You can disable this behaviour by removing the line below, and instead
  # explicitly tag your specs with their type, e.g.:
  #
  #     RSpec.describe UsersController, :type => :controller do
  #       # ...
  #     end
  #
  # The different available types are documented in the features, such as in
  # https://relishapp.com/rspec/rspec-rails/docs
  config.infer_spec_type_from_file_location!

  REDIS_PID = "#{Rails.root}/tmp/pids/redis-test.pid"
  REDIS_CACHE_PATH = "#{Rails.root}/tmp/cache/"

  config.before(:suite) do
    redis_options = {
      "daemonize"     => 'yes',
      "pidfile"       => REDIS_PID,
      "port"          => 9736,
      "timeout"       => 300,
      "save 900"      => 1,
      "save 300"      => 1,
      "save 60"       => 10000,
      "dbfilename"    => "dump.rdb",
      "dir"           => REDIS_CACHE_PATH,
      "loglevel"      => "debug",
      "logfile"       => "stdout",
      "databases"     => 16
    }.map { |k, v| "#{k} \"#{v}\"" }.join("\n")
    `echo '#{redis_options}' | redis-server -`
  end

  config.after(:suite) do
    %x{
      cat "#{REDIS_PID}" | xargs kill -QUIT
      rm -f "#{REDIS_CACHE_PATH}dump.rdb"
    }
  end
 end
diff --git a/user_sessions_controller.rb b/user_sessions_controller.rb
 class UserSessionsController < ApplicationController
  # TODO: `session` is a reserved word in Rails, and we therefor need to change
  # this name
  before_action :check_session, only: :destroy

  def create
    user = authenticate(params[:username], params[:password])

    if user
      user_session = UserSession.find_or_create_by(user_id: user.id)
      user_session.generate_token(user.id)
      user_session.device_id = params[:device_id]
      
      # TODO: Refactor this to smaller methods

      if params[:device_type] == 'ios'
        arn = ENV['AWS_SNS_IOS_ARN']
      end

      unless arn == nil or user_session.device_id == nil
                
        update_token_params = { arn: arn, device_id: user_session.device_id, user_id: user.id }

        device_id_other_user = UserSession.where(
          "device_id=? AND user_id != ?", user_session.device_id, user_session.user_id).take
        
        unless device_id_other_user.nil?
          Resque.enqueue(AddDeviceToken, update_token_params, device_id_other_user.user.sns_endpoint_arn)
          device_id_other_user.user.update_attributes(sns_endpoint_arn: nil)
          device_id_other_user.destroy 
        else
          Resque.enqueue(AddDeviceToken, update_token_params)
        end

      end

      user_session.save! 
       
      json_response 200,
        success: true, 
        message_id: 'user_session_created',
        message: I18n.t('success.user_session_created'),
        data: {
          user_session: {
            auth_token: user_session.auth_token,
            user_id: user_session.user_id
          }
        }
    else
      json_response 401,
        success: false, 
        message_id: 'bad_credentials',
        message: I18n.t('error.bad_credentials'),
        error: {
          "password": ["is incorrect"]
        }
    end

  end  

  def destroy
    @user_session.destroy!
    
    json_response 200,
      success: true,
      message_id: 'user_session_destroyed',
      message: I18n.t('success.user_session_destroyed')

  end

  private 

  def authenticate(username, password)
   
    user = User.find_by_username(username)

    if user && user.password_hash == 
               BCrypt::Engine.hash_secret(password, user.password_salt)
      user
    else
      nil
    end

  end

 end
diff --git a/user_sessions_controller_spec.rb b/user_sessions_controller_spec.rb
 require 'rails_helper'

 describe UserSessionsController do

  let(:user) { FactoryGirl.create(:user) }
  let(:logged_in_user) { FactoryGirl.create(:user, :logged_in) }
  let!(:liu_device_id) { FactoryGirl.create(:user, :logged_in_with_device_id) }
  let!(:header) { {'X-AUTH-TOKEN' => logged_in_user.user_session.auth_token} }

  describe '#create' do

    let(:login_credentials) { 
      { username: user.username,
        password: user.password }
    }

    context 'with incorrect credentials' do

      it 'returns 401' do
        post :create, { username: '', password: '' }
        expect(response).to have_http_status(401)        
      end

      it 'does not save the session' do
        auth_token = logged_in_user.user_session.auth_token
        post :create, { username: logged_in_user.username, password: 'wrong' }
        expect(logged_in_user.user_session.reload.auth_token).to eq(auth_token) 
      end

    end

    context 'with correct credentials' do

      ENV['AWS_SNS_IOS_ARN'] = 'A'*30

      let(:liu_login_credentials) { 
        { username: logged_in_user.username,
          password: logged_in_user.password }
      }

      let(:liu_device_id_creds) {
        { username: liu_device_id.username,
          password: liu_device_id.password,
          device_id: liu_device_id.user_session.device_id,
          device_type: liu_device_id.user_session.device_type }
      }
      
      it 'returns 200' do
        post :create, login_credentials
        expect(response).to be_success
      end

      it 'creates new sessions' do
        expect {
          post :create, login_credentials
        }.to change(UserSession, :count).by(1)
      end

      it 'updates old sessions' do
          post :create, liu_login_credentials
                       
        expect {
          post :create, liu_login_credentials
        }.to change(UserSession, :count).by(0)        
      end

      context 'with device_id and device_type set' do

        it 'updates sessions when users are already logged in' do
          auth_token = liu_device_id.user_session.auth_token
          post :create, liu_device_id_creds
          expect(liu_device_id.user_session.reload.auth_token).to_not eq(auth_token)
        end

        context 'someone else is logged in with the same device_id' do
          
          before do
            client = Aws::SNS::Client.new(stub_responses: true)
            expect(Aws::SNS::Client).to receive(:new) { client }
          end

          it 'deletes other sessions having the same device_id' do
            Resque.inline = true
          end

          it 'adds AddDeviceToken to the queue', focus: true do

            device = { device_id: liu_device_id_creds[:device_id],
                       device_type: liu_device_id_creds[:device_type] }

            expect(Resque).to receive(:enqueue).and_return(true)
            post :create, login_credentials.merge(device)
         end
        end
      end
    end
  end

 end
	Failures:

	1) UserSessionsController#create with correct credentials with device_id and device_type set someone else is logged in with the same devic
	e_id adds AddDeviceToken to the queue
	Failure/Error: expect{
	expected result to have changed by 1, but was changed by 0
	# ./spec/controllers/user_sessions_controller_spec.rb:91:in `block (6 levels) in <top (required)>'

	Finished in 1.45 seconds (files took 2.33 seconds to load)
	13 examples, 1 failure

	Failed examples:

	rspec ./spec/controllers/user_sessions_controller_spec.rb:86 # UserSessionsController#create with correct credentials with device_id and dev
	ice_type set someone else is logged in with the same device_id adds AddDeviceToken to the queue
	# This file is copied to spec/ when you run 'rails generate rspec:install'
	ENV['RAILS_ENV'] \|\|= 'test'
	require 'spec_helper'
	require File.expand_path('../../config/environment', __FILE__)
	require 'rspec/rails'
	# Add additional requires below this line. Rails is not loaded until this point!

	# Requires supporting ruby files with custom matchers and macros, etc, in
	# spec/support/ and its subdirectories. Files matching `spec/*/_spec.rb` are
	# run as spec files by default. This means that files in spec/support that end
	# in _spec.rb will both be required and run as specs, causing the specs to be
	# run twice. It is recommended that you do not name files matching this glob to
	# end with _spec.rb. You can configure this pattern with the --pattern
	# option on the command line or in ~/.rspec, .rspec or `.rspec-local`.
	#
	# The following line is provided for convenience purposes. It has the downside
	# of increasing the boot-up time by auto-requiring all files in the support
	# directory. Alternatively, in the individual `*_spec.rb` files, manually
	# require only the support files necessary.
	#
	# Dir[Rails.root.join('spec/support/*/.rb')].each { \|f\| require f }

	# Checks for pending migrations before tests are run.
	# If you are not using ActiveRecord, you can remove this line.
	ActiveRecord::Migration.maintain_test_schema!

	RSpec.configure do \|config\|
	# Remove this line if you're not using ActiveRecord or ActiveRecord fixtures
	config.fixture_path = "#{::Rails.root}/spec/fixtures"

	# If you're not using ActiveRecord, or you'd prefer not to run each of your
	# examples within a transaction, remove the following line or assign false
	# instead of true.
	config.use_transactional_fixtures = true

	config.filter_run :focus => true

	# RSpec Rails can automatically mix in different behaviours to your tests
	# based on their file location, for example enabling you to call `get` and
	# `post` in specs under `spec/controllers`.
	#
	# You can disable this behaviour by removing the line below, and instead
	# explicitly tag your specs with their type, e.g.:
	#
	# RSpec.describe UsersController, :type => :controller do
	# # ...
	# end
	#
	# The different available types are documented in the features, such as in
	# https://relishapp.com/rspec/rspec-rails/docs
	config.infer_spec_type_from_file_location!

	REDIS_PID = "#{Rails.root}/tmp/pids/redis-test.pid"
	REDIS_CACHE_PATH = "#{Rails.root}/tmp/cache/"

	config.before(:suite) do
	redis_options = {
	"daemonize" => 'yes',
	"pidfile" => REDIS_PID,
	"port" => 9736,
	"timeout" => 300,
	"save 900" => 1,
	"save 300" => 1,
	"save 60" => 10000,
	"dbfilename" => "dump.rdb",
	"dir" => REDIS_CACHE_PATH,
	"loglevel" => "debug",
	"logfile" => "stdout",
	"databases" => 16
	}.map { \|k, v\| "#{k} \"#{v}\"" }.join("\n")
	`echo '#{redis_options}' \| redis-server -`
	end

	config.after(:suite) do
	%x{
	cat "#{REDIS_PID}" \| xargs kill -QUIT
	rm -f "#{REDIS_CACHE_PATH}dump.rdb"
	}
	end
	end
	class UserSessionsController < ApplicationController
	# TODO: `session` is a reserved word in Rails, and we therefor need to change
	# this name
	before_action :check_session, only: :destroy

	def create
	user = authenticate(params[:username], params[:password])

	if user
	user_session = UserSession.find_or_create_by(user_id: user.id)
	user_session.generate_token(user.id)
	user_session.device_id = params[:device_id]

	# TODO: Refactor this to smaller methods

	if params[:device_type] == 'ios'
	arn = ENV['AWS_SNS_IOS_ARN']
	end

	unless arn == nil or user_session.device_id == nil

	update_token_params = { arn: arn, device_id: user_session.device_id, user_id: user.id }

	device_id_other_user = UserSession.where(
	"device_id=? AND user_id != ?", user_session.device_id, user_session.user_id).take

	unless device_id_other_user.nil?
	Resque.enqueue(AddDeviceToken, update_token_params, device_id_other_user.user.sns_endpoint_arn)
	device_id_other_user.user.update_attributes(sns_endpoint_arn: nil)
	device_id_other_user.destroy
	else
	Resque.enqueue(AddDeviceToken, update_token_params)
	end

	end

	user_session.save!

	json_response 200,
	success: true,
	message_id: 'user_session_created',
	message: I18n.t('success.user_session_created'),
	data: {
	user_session: {
	auth_token: user_session.auth_token,
	user_id: user_session.user_id
	}
	}
	else
	json_response 401,
	success: false,
	message_id: 'bad_credentials',
	message: I18n.t('error.bad_credentials'),
	error: {
	"password": ["is incorrect"]
	}
	end

	end

	def destroy
	@user_session.destroy!

	json_response 200,
	success: true,
	message_id: 'user_session_destroyed',
	message: I18n.t('success.user_session_destroyed')

	end

	private

	def authenticate(username, password)

	user = User.find_by_username(username)

	if user && user.password_hash ==
	BCrypt::Engine.hash_secret(password, user.password_salt)
	user
	else
	nil
	end

	end

	end
	require 'rails_helper'

	describe UserSessionsController do

	let(:user) { FactoryGirl.create(:user) }
	let(:logged_in_user) { FactoryGirl.create(:user, :logged_in) }
	let!(:liu_device_id) { FactoryGirl.create(:user, :logged_in_with_device_id) }
	let!(:header) { {'X-AUTH-TOKEN' => logged_in_user.user_session.auth_token} }

	describe '#create' do

	let(:login_credentials) {
	{ username: user.username,
	password: user.password }
	}

	context 'with incorrect credentials' do

	it 'returns 401' do
	post :create, { username: '', password: '' }
	expect(response).to have_http_status(401)
	end

	it 'does not save the session' do
	auth_token = logged_in_user.user_session.auth_token
	post :create, { username: logged_in_user.username, password: 'wrong' }
	expect(logged_in_user.user_session.reload.auth_token).to eq(auth_token)
	end

	end

	context 'with correct credentials' do

	ENV['AWS_SNS_IOS_ARN'] = 'A'*30

	let(:liu_login_credentials) {
	{ username: logged_in_user.username,
	password: logged_in_user.password }
	}

	let(:liu_device_id_creds) {
	{ username: liu_device_id.username,
	password: liu_device_id.password,
	device_id: liu_device_id.user_session.device_id,
	device_type: liu_device_id.user_session.device_type }
	}

	it 'returns 200' do
	post :create, login_credentials
	expect(response).to be_success
	end

	it 'creates new sessions' do
	expect {
	post :create, login_credentials
	}.to change(UserSession, :count).by(1)
	end

	it 'updates old sessions' do
	post :create, liu_login_credentials

	expect {
	post :create, liu_login_credentials
	}.to change(UserSession, :count).by(0)
	end

	context 'with device_id and device_type set' do

	it 'updates sessions when users are already logged in' do
	auth_token = liu_device_id.user_session.auth_token
	post :create, liu_device_id_creds
	expect(liu_device_id.user_session.reload.auth_token).to_not eq(auth_token)
	end

	context 'someone else is logged in with the same device_id' do

	before do
	client = Aws::SNS::Client.new(stub_responses: true)
	expect(Aws::SNS::Client).to receive(:new) { client }
	end

	it 'deletes other sessions having the same device_id' do
	Resque.inline = true
	end

	it 'adds AddDeviceToken to the queue', focus: true do

	device = { device_id: liu_device_id_creds[:device_id],
	device_type: liu_device_id_creds[:device_type] }

	expect(Resque).to receive(:enqueue).and_return(true)
	post :create, login_credentials.merge(device)
	end
	end
	end
	end
	end

	end